Cyber Daily 11/1: MFA Vulnerability Exposes Credit Card Data, Sri Lanka CERT Warns of Cybercrime Surge, CISA and NIST Update on AI Cyberattacks
Welcome to the November 1st issue of ONSEC Cyber Daily, your one-stop source for the latest in cybersecurity news. Today, we're diving into a range of critical vulnerabilities and patches, from an MFA website vulnerability that puts credit card data at risk, to a surge in cybercrime in Sri Lanka. We'll also explore Fortinet's discovery of more malicious IPs linked to a widely exploited zero-day, and CISA's latest guidance on manufacturing software. ServiceNow is urging organizations to apply security patches for vulnerabilities that enable RCE and SQL Injection risks, while VulnCheck has found critical security flaws in ABB building automation and energy management software. In addition, millions of websites remain vulnerable due to a cache plugin, and both Microsoft and Mozilla have released patches for recent security vulnerabilities. We'll also discuss a high-severity flaw in the LiteSpeed Cache WordPress Plugin, and Samsung's urgent update deadline due to a vulnerability in Qualcomm chipsets. Finally, we'll delve into a new Microsoft password hack, the exploitation of a Windows Themes zero-day flaw, and a Pacific Rim timeline of interlocking attack campaigns. Stay tuned for our podcast section where we'll highlight discussions on cybersecurity platforms, compliance nightmares, space security issues, and practical cybersecurity resources for MSPs. Don't miss out on this comprehensive coverage of today's most pressing cybersecurity issues. Stay informed, stay secure with ONSEC Cyber Daily.
Exploits Alert
- MFA Website Vulnerability Puts Credit Card Data at Risk: A significant vulnerability has been discovered in a Multi-Factor Authentication (MFA) website, potentially exposing credit card data. The Sri Lanka CERT has issued a warning about the rise in cybercrime through various platforms, including fraudulent websites. Source: ReadMe.
- Fortinet Discovers More Malicious IPs Linked to Widely Exploited Zero-Day: Cybersecurity firm Fortinet has identified additional malicious IPs connected to a widely exploited zero-day vulnerability. The vulnerability, which lacks authentication for a critical function, has been actively exploited. Source: Cybersecurity Dive.
- CISA Offers Manufacturing Software Guidance, Key Vulnerability Updates: The Cybersecurity and Infrastructure Security Agency (CISA) has provided guidance on manufacturing software and key vulnerability updates. The National Institute of Standards and Technology (NIST) has also published details about a unique type of cyberattack targeting AI systems. Source: Manufacturing.net.
Vulnerabilities & Patches
- ServiceNow Now Platform Vulnerabilities Enable RCE and SQL Injection Risks (CVE-2024-8923): ServiceNow's Now Platform has been found to have vulnerabilities that could lead to remote code execution and SQL injection risks. The company urges organizations to apply the security patches if they haven't done so yet. Source: SOCRadar
- VulnCheck finds critical security flaws in ABB building automation and energy management software (CVE-2023-0636 and CVE-2024-6209): ABB's Cylon ASPECT, a widely used building automation and energy management software, has been found to have critical security flaws. These vulnerabilities have been present since 2022 and impact the software significantly. Source: Industrial Cyber
- Millions of websites vulnerable due to cache plugin (CVE-2024-43573): Approximately 2 million websites have been patched against a vulnerability in a cache plugin, leaving 4 million still open to a possible attack. Source: Techzine Global
- Microsoft Windows Security Vulnerability – October 2024 (CVE-2024-43573): Microsoft has released an official patch to address a flaw in MSHTML. This patch corrects the vulnerability, identified as CVE-2024-43573. Source: Security Boulevard
- Mozilla Firefox Security Vulnerability – October 2024 (CVE-2024-9680): Mozilla has released an official patch to remediate a security vulnerability in Firefox. Users are urged to upgrade their browser to the latest version to protect against this vulnerability. Source: Security Boulevard
Podcasts
- Cyber Uncut Podcast: In this episode, Sadiq Iqbal, sales engineering lead at Check Point Software, discusses the misconception that having more cybersecurity platforms equates to better safety. He emphasizes the importance of a comprehensive security strategy over multiple platforms. Source: Cyber Daily
- Compliance Nightmares | Dentons: This Halloween special episode discusses the importance of a comprehensive security risk assessment in avoiding cybersecurity nightmares. The podcast emphasizes the role of compliance in maintaining security. Source: JDSupra
- PSSI Space Security Podcast: The third episode of this podcast sheds light on critical space security issues from the Indo-Pacific region. It offers a unique perspective on the intersection of space and cybersecurity. Source: SpaceWatch Global
- CompTIA Cybersecurity Resources: This episode offers practical cybersecurity resources that Managed Service Providers (MSPs) can utilize. It provides valuable insights into the tools and strategies that MSPs can leverage to enhance their security posture. Source: Telecom Reseller
- Month in Security with Tony Anscombe: This episode provides a roundup of the top cybersecurity news stories in October 2024. It highlights the importance of staying updated with the latest cybersecurity trends and threats. Source: WeLiveSecurity
Wisdom from the ONSEC Founders' Vault
Pentests Matrix for Top Security Compliances. This comprehensive guide details use cases, specific testing requirements, and reference sections for each standard, simplifying regulatory compliance and supporting effective system security. Source
Final Words
And that's a wrap for today's edition of 'ONSEC Cyber Daily'. We hope you found these updates informative and helpful in staying ahead of the curve in this ever-evolving digital landscape. Remember, knowledge is power, and sharing this power can make a world of difference. So, don't forget to pass this newsletter along to your friends and colleagues. Let's work together to create a safer cyber world, one day at a time. Stay safe, stay informed, and see you in the next edition!